The following information is provided to comply with the requirements of the General Data Protection Regulation.
This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.
Identity and contact details of the controller and where applicable, the controller’s representative and the data protection officer
Where a mortgage practitioner of Nony Kerr-Smiley is not appointed as office holder, the data controller is either the company/individual on whose instructions Nony Kerr-Smiley is acting. The contact details of Nony Kerr-Smiley, Tel: 07712648740; email: firstname.lastname@example.org.
Where a mortgage practitioner of Nony Kerr-Smiley is appointed as office holder and the data processing is carried out as part of their statutory duties, the office holder(s) is/are the data controllers. However, where they are processing data on behalf of the entity which they are appointed over, then the data controller is that entity. Whichever is relevant the data controller can be contacted at: Nony Kerr-Smiley, Tel: 07712648740; email: email@example.com.
How we use your personal information
The purpose for which personal information is processed may include any or all of the following:
• deliver services and meet legal responsibilities
• verify identity where this is required
• communication by post, email or telephone
• understand needs and how they may be met
• maintain records
• process financial transactions
• prevent and detect crime, fraud or corruption
• may also need to use data to defend or take legal actions related to the above
Lawful basis for the processing
Most processing is carried out to comply with our legal obligations under statute and other regulatory obligations related to the insolvency process. We also believe our processing is for the legitimate interests of all stakeholders in the insolvency process, as they are entitled to be kept informed and may wish to engage in the insolvency process. Where Nony Kerr-Smiley has engaged with a client to perform a service, we will be required to process data to provide the service in accordance with the contractual terms.
What personal information we hold
The categories are: contact details, financial information and location. In rare cases, we may hold some special category data, e.g. trade union membership or information about individuals’ health, which will be necessary to administer the insolvency process in line with our legal obligations.
Who we share our data with
Personal data held by us may be transferred to:
Details of all our offices can be found on our website, www.nonykerr-smiley.com. We may share personal data with other member firms/other offices where necessary for administrative purposes and to provide professional services to our clients.
Third party organisations that provide applications/functionality, data processing or IT services to us
We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud based software as a service provider, identity management, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.
Third party organisations that otherwise assist us in providing goods, services or information
Auditors and other professional advisers
Law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation
Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation.
How long we retain your personal information
We retain personal data for as long as is necessary to achieve the purpose listed above and for any other permissible related purpose. For example, we retain most records until the time limit for claims arising from the activities has expired or otherwise to comply with statutory or regulatory requirements regarding the retention of such records.
The GDPR provides the following rights for individuals:
Right to inform
This privacy notice meets our requirement to inform you of our processing of your data.
Access to personal data
You have a right of access to personal data held by us as a data controller. This right may be exercised by contacting us at firstname.lastname@example.org. We will aim to respond to any requests for information promptly, and in any event within one month.
Amendment of personal data
To update personal data submitted to us, you may email us at email@example.com or, where appropriate, contact us via the relevant website registration page or by amending the personal details held on relevant applications with which you registered.
Rights that do not apply in these particular circumstances
Not all of the rights under the GDPR are available as one of the reasons we are holding your data is on the basis of it being a legal obligation and therefore the right to erasure, data portability and to object do not apply.
Right to withdraw consent
The data received was not based upon obtaining consent and therefore the right to withdraw consent does not apply.
Changes to our privacy statement
We keep this privacy statement under regular review and will place any updates on our website. Paper copies of the privacy statement may also be obtained by email to firstname.lastname@example.org.
This privacy statement was last updated on January 19th 2021.
Should you want to complain about our use of personal data, please contact us at by email to email@example.com.
You also have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”) (the UK data protection regulator). For further information on your rights and how to complain to the ICO, please refer to the ICO website.
Who provided the personal data
The personal data we have used to contact you was provided by the company/individual (or persons acting on their behalf) on whose instructions we are acting or in relation to which our insolvency practitioner has been appointed. We also access information from the Registrar of Companies and other similar public-access data providers.